[Free] 2018(May) EnsurePass Examcollection Cisco 350-018 Dumps with VCE and PDF 121-130

Ensurepass.com : Ensure you pass the IT Exams
2018 May Cisco Official New Released 350-018
100% Free Download! 100% Pass Guaranteed!

CCIE Security Exam (v4.1)

Question No: 121 – (Topic 2)

For which router configuration is the attack-drop.sdf file recommended?

  1. Routers with less than 128 MB of memory.

  2. Routers with less than 64 MB of memory.

  3. Routers with at least 128 MB of memory.

  4. Routers with at least 192 MB of memory.

  5. Routers with at least 256 MB of memory.

Answer: A Explanation:

An SDF has definitions for each signature it contains. After signatures are loaded and complied onto a router running Cisco IOS IPS, IPS can begin detecting the new signatures immediately. If the default, built-in signatures that are shipped with the routers are not used, then one of three different types of SDFs can be selected for download, which are pre-configured for routers with memory requirements:

->attack-drop.sdf file (which is a static file that has 83 signatures) is used for routers

with less than 128MB memory.

->128MB.sdf (which has about 300 signatures) is used for routers with 128 MB or more memory.

->256MB.sdf (which has about 500 signatures) is used for routers with 256 MB or more memory.

Reference: http://www.cisco.com/c/en/us/td/docs/ios- xml/ios/sec_data_ios_ips/configuration/12-4t/sec-data-ios-ips-12-4t-book/sec-cfg- ips.html#GUID-09308574-4A31-4DBF-820E-A3F03BC47512

Question No: 122 – (Topic 2)

What is an RFC 2827 recommendation for protecting your network against DoS attacks with IP address spoofing?

  1. Advertise only assigned global IP addresses to the internet

  2. Use ingress traffic filtering to limit traffic from a downstream network to known advertised prefixes.

  3. Use the TLS protocol to secure the network against eavesdropping

  4. Brower-based applications should be filtered on the source to protect your network from know advertised prefix

Answer: B

Question No: 123 DRAG DROP – (Topic 2)

Drag and drop the description on the left onto the associated items on the right.

Ensurepass 2018 PDF and VCE


Ensurepass 2018 PDF and VCE


Collection of similar programs that work together to execute specific tasks – botnet Independent malicious program copies itself from one host to another host over a network and carries other programs – Viruses

Programs that appear to have one function but actually perform a different function – Trojan horse

Programs that modify other programs and that attach themselves to other programs on execution – Worms

Question No: 124 – (Topic 2)

Which two statements about the IPv6 OSPFv3 authentication Trailer are true (choose two)

  1. The AT-bit resides in the OSPFv3 Header field

  2. The IPv6 Payload length includes the length of the authentication Trailer

  3. It Provide an alternative option to OSPFv3 IPsec authentication

  4. The AT-bit must be set only in OSPFv3 Hello packets that include an Authentication Trailer

  5. The AT-bit must be set only in OSPFv3 Database Description packets that include an Authentication Trailer

  6. The OSPFv3 packet length includes the length of the Authentication Trailer

Answer: D,E

Question No: 125 – (Topic 2)

Which two statements about Cisco MQC are true? (Choose two)

  1. It can classify Layer 2 Packets from legacy protocols

  2. By default, its uses match-any matching

  3. A packet can match only one traffic class within an individual traffic policy

  4. It allows you to link multiple traffic policies to a single traffic class.

  5. Unclassified traffic is queued in a FIFO queue to be managed by the match not command configuration

  6. It can handle Layer2 packets from legacy protocol without classifying them.

Answer: E,F

Question No: 126 – (Topic 2)

Which two ESMTP commands are supported by the ASA inspection engine? (Choose two.)

  1. SOML

  2. LINK

  3. VERB

  4. ONEX

  5. ETRN

  6. ATRN

Answer: A,E Explanation:

ESMTP is an enhancement to the SMTP protocol and is similar is most respects to SMTP. For convenience, the term SMTP is used in this document to refer to both SMTP and ESMTP. The application inspection process for extended SMTP is similar to SMTP application inspection and includes support for SMTP sessions. Most commands used in an extended SMTP session are the same as those used in an SMTP session but an ESMTP session is considerably faster and offers more options related to reliability and security, such as delivery status notification.

Extended SMTP application inspection adds support for these extended SMTP commands, including AUTH, EHLO, ETRN, HELP, SAML, SEND, SOML, STARTTLS, and VRFY.

Along with the support for seven RFC 821 commands (DATA, HELO, MAIL, NOOP, QUIT, RCPT, RSET), the ASA supports a total of fifteen SMTP commands.

Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-


Question No: 127 – (Topic 2)

Which MAC address control command enables usage monitoring for a CAM table on a switch?

  1. mac-address-table synchronize

  2. mac-address-table limit

  3. mac-address-table secure

  4. mac-address-table notification threshold

  5. mac-address-table learning

Answer: D Explanation:

mac-address-table notification threshold

To enable content-addressable memory (CAM) table usage monitoring notification, use the mac-address-table notification threshold command in global configuration mode. To disable CAM table usage monitoring notification, use the no form of this command.




Question No: 128 – (Topic 2)

Which two statements about Flexible Packet Matching are true? (Choose two)

  1. It is supported by CSM management applications

  2. It can classify traffic at the bit level

  3. It can detected and filter malicious traffic

  4. It provides stateful classification for Layer 2 to Layer 7 traffic

  5. It can inspect non-IP protocol

Answer: B,C

Question No: 129 – (Topic 2)

Which statement about ACS rule-based policies is true?

  1. The permissions for rule-based policies are defined in authentication profile.

  2. Permission for rule-bases polices are associated with user group.

  3. Rule-based polices can apply different permission to the same user under different condition

  4. TACACS is one of the attributes included in the authorization profile

Answer: B

Question No: 130 – (Topic 2)

Which three items does TLS rely on to prove identity? (Choose three.)

  1. certificates

  2. password

  3. username

  4. Trustpoint

  5. private keys

  6. public keys

Answer: A,E,F Explanation:

The Secure Socket Layer (SSL) protocol and Transport Layer Security (TLS) are application-level protocols that provide for secure communication between a client and server by allowing mutual authentication, the use of hash for integrity, and encryption for privacy. SSL and TLS rely on certificates, public keys, and private keys.

Reference: http://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r4-


100% Ensurepass Free Download!
Download Free Demo:350-018 Demo PDF
100% Ensurepass Free Guaranteed!
Download 2018 EnsurePass 350-018 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No